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* NOTICES * 



Japan Patent Office is not responsible for any 
damages caused by the use of this translation. 

irldsefr"^^"^ translated by computer. So the transiauon may not retlect the original 

2. * * * * shows the word which can not be translated. 
3. In the drawings, any words are not translated. 



CLAIMS 



[Claim(s)] ~~ — _ 

[Claim 1 ] In what a client and a server are mutually connected through a network and a server provides 
with predetermmed service according to the demand of a client to a client side. The feature data 
wiST^'^'h ^1"'^ ^T'"' ^^^^'^ ^^^^ °f ^ "s^^'s eye,.The card input section 

\^lficatm£Sde, The registration feitGreHSta whichthis card inpmsection read, and the feature data 
ot the image a user s eye which the feature data acquisition section acquired are collated It has the 

codeiilejajac^jto^^ user's identification code - having - a client ^i^. „ i} ^. r^o.,it of the 
aforementionec^^ prociiimg - ausefHac^Mgr, when it clieck&a^dlhJiiro It iTfcglS^ork 
^-gg^^^^^^^^gE^gy^"^^fe^^ by 
asgrve r starting se rvice to a user with rp.fprPnr^4^.a&ideBtffica tion code fi le_ ^ 
4CW2j4n-what-a:dk-Htandase^^ 
with predetermmed service according to the demand of a client to a client side The feature data 
acquisition section which acquires the feature data from the image of a user's eye. The card input section 

^^^""^ '^'^''''^^'^ °" which the user threw in, and a user's identification 

code, While reading a cardholder's registration feature data from the registration feature data file by the 
file search key which tins card input section read It has the collating section which checks tiiat it is him 
flie feature data of tiie image a user's eye which the aforementioned feature data acquisition section 
acquired - collating - a user -- a cardholder - to a server side the identification code file which stored a 
regular user s identification code - having - a client side - the result of the aforementioned collating 
processing - a user - a cardholder, when it checks with him It is the network security system which 
Identification code is transmitted to a server from a client, and is characterized by a server starting 
service to a user witii reference to an identification code file. 

[Claim 3] In what a client and a server are mutually connected through a network and a server provides 
with predetermined service according to the demand of a client to a client side The feature data 
acquisition section which acquires the feature data from the image of a user's eye, By tiie file search key 
which tiie card input section which reads the file search key recorded on the card which the user tiirew 
in and a user s identification code, and tiiis card input section read A cardholder's registration feature 
data are read from tiie registration featiire data file connected through tiie network to tiie client It has the 
collating section which checks that it is him. the feahire data of tiie image a user's eye which tiie 
aforementioned feature data acquisition section acquired -- collating - a user -- a cardholder - to a 
server side the identification code file which stored a regular user's identification code - having - a 
client side -- tiie result of tiie aforementioned collating processing - a user - a cardholder, when it 
checks witii him It is the network security system which identification code is tiansmitted to a server 
hrom a client, and is characterized by a server starting service to a user witii reference to an identification 



[Claim 4] It is the network security system which supervises time after a server requires tiie start of 
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* NOTICES * 

Japan Patent Office is not responsible for any 
damages caused by the use of this translation. 

1. This document has been translated by computer. So the translation may not reflect the original 
precisely. * 

2. **** shows the word which can not be translated. 
3.1n the drawings, any words are not translated. 

DETAILED DESCRIPTION ~ ~ ~~ ~" 

[Detailed Description of the Invention] 
[0001] 

[The technical field to which invention belongs] this invention relates to the network security system 
which secures the safety in the case of performing sanction etc. through a network. 

^0002 J 

[Description of the Prior Art] The personal computer called multimedia PC can treat voice a picture 
etc., and is widely used for information transmission and reception of E-mail and others various kind's 
Moreover, such a termmal is connected to a huge network which is represented by the Internet and it is 
provided with various services including a commercial transaction. When conducting the dealings which 
led such a network, predetermined sanction is needed in order to form dealings However there is a 
possibility of the data being stolen by the so-called hacker etc. and abusing a network top'when a 
.-^swQEdah|..cMe.iata„Qfa.mon^ 
[0003] '"^ ° application form, the transfer processing in the window of a bank, etc. 

[Problem(s) to be Solved by the Invention] However, since the method of sanction like before is 
troublesome for a user, it lacks in the convenience of the dealings using the network. In order to solve 
such a point, encoding technology is studied widely. Perfect defense is not necessarily made \ as 
opposed to / a hacker / not necessarily / in this ] . 

[0004] On the other hand, the technology of checking him is developed using the feature data acquired 
trom the image of an eye for for example, visitor management etc. (JP,5-84166 B) Here the 
predetermined feature data which processed the iris data which are a part of image of an eye are 
obtained, and it judges whether you are him like a fingerprint etc. It is desirable to use this kind of 
technology for the security of the dealings in a network. 
[0005] 

[Means for Solving the Problem] this invention adopts the next composition in order to solve the above 
point. 

<Composition 1> In what a client and a server are mutually connected through a network and a server 
provides with predetermmed service according to the demand of a client to a client side The feature data 
acquisition section which acquires the feature data from the image of a user's eye, The card input section 
which reads the registration feature data recorded on the card which the user threw in and a user's 
Identification code, Th£J:egistration fe^^tiire. dnta which this card input section read, and the feature data 
ot the image a user's eye which the feature data acquisition section acquired are collated It has the 
collating section which checks that it is him. a user - a cardholder - to a server side the identification 
code Iile which stored a regular user's identification code - having - a client side - the result of the 
above-mentioned collating processing - a user - a cardholder, when it checks with him It is the network 
security system which identification code is transmitted to a server from a client, and is characterized by 
a server starting service to a user with reference to an identification code file 

[0006] <Composition 2> In what a client and a server are mutually connected through a network and a 
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data or a personal identification number to a network only for the identification code 1 3 which is the 
demand and its response from a server 3. For this reason, the improper use by personal information leak 
can be prevented, and a user - as for him, by using the identification code which cannot be known risk 
ot being stolen by others also decreases and identification code raises the security of a commercial' 
transaction 

[0019] <Example 2> The system block view of an example 2 is shown in drawing 3 . This system also 
has the composition that a client 1 performs a predetermined access demanTto^ver 3 through a 
network 2. The composition of the feature data acquisition section 4 connected to the client 1 the card 
input section 6, and collating section 7 grade is the same as that of an example 1 . By this exarliple 2 the 
registration feature data file 1 5 is newly comiected to the collating section 7. the predetermined file ' 
search key 14 and the predetermined registration feature data 12 are matchine ******Ced^ bv the 
registration feature data file 1 5 ^ ^ ^ 

[0020] Moreover, this file search key 14 and identification code 13 are stored in a card 5 The collating 
section 7 searches the registration feature data file 15 using the file search key 14 and reads the 
corresponding registration feature data 12. And it is constituted so that collating processing with the 
acquisition feature data 1 1 inputted from the registration feature data 12 and the feature date acquisition 
section 4 may be performed. Other composition is the same as that of an example 1 
[0021] Operation of an example 2 is explained using drawing 4 . Drawing 4 is the system operation flow 
chart of an example 2. At Step SI of drawing, a serveF^^^fSs th^^dlitmg demand of the feature date 
to the access demand from a client like an example 1, and a client acquires the image of a user's eye at 

. c. u 'n P ' ^'^^ ^^^""^ ^^^^ 5 which the user 9 threw in By 

f? 1' ; ^°"^ting section 7 reads the registration feature date 12 corresponding to the file search key 
14 with reference to the registration feature data file 15. And in Step S5, collating processing with the 
acquisition feature data 1 1 inputted from the feature date acquisition section 4 is performed If judged as 

--*imasaresuh-<)f-thiseolktiflg,4t-wil^progre^ 

be transmitted to a server 3. The following processings are the same as that of an example 1 and start 
(ste^Sr "'^"^ identification code at Step S8. Processing is stopped if not judged as him 

[0022] <Effect of an example 2> Since the registration feature date are not stored in a card 5 as 
compared with an example 1 but the file search key was stored, the amount of data which should be 
stored in a card 5 can be lessened enough. Therefore, an easy magnetic card etc. can realize a card and a 
transaction cost can be cut down. Other effects are the same as an example 1 . 

[0023] <Example 3> The system block view of an example 3 is shown in drawing 5 . As shown in this 
drawmg, by the example 3, the registration feature date file 15 is connected through 1st network 2A to a 
client 1 This 1st network 2A is taken as the network which is easy to secure the secret of date on a 
network like LAN (Local Area Network). A majority of other clients which are not illustrated shall be 
comiec ed to this 1st network 2A. Moreover, the file search key 14 and the registration feature date 
consteltetion 18 are stored in the regisfration feature data file 15 

[0024] **[ comparison ofthe system of the example 2 shown in drawing 3 , and the system of this 

/ Vi / registrafion feature date file 15 is connected through 1st network 2A to the 

chent 1 / it ] In addition, the registration feature data constellation 18 corresponding to the file search 
A-A flu l''!'^^ registration feature date file 15 is the registration feature date aggregate which 
divided the whole registration feature date suitebly. 

K?f n P^^'^T'^g ^oUati^g processing, the collating section 7 searches the registration feature 
.Tin I ^ "^^"^^'^ ^'^^"^'■^^ the required registration feature date 

n?wW • 1'°;! ^^^at^^g P^o^essing is performed. Other operation is completely the same as that 

of what IS sho^^ m drawmg 3 . You may make a file search key and the registration feature date 
correspond to the example 2 shown in drawing 3 by the one to one so that it may be shown Moreover 
conversely, tiie file search key 14 may be made to correspond also in the case of an example 2 and the 

coUatmg section 7 has the acquisition feature date 1 1 and a match in the registration feature date 
http://www4.ipdI.jpo.go.jp/cgi.bin/tran_web_cgi_ejje 1 0/1 5/03 



Page 5 of? 



constellation. Also in an example 3, it is the same and the collating section 7 performs collating 
processing with the registration feature data constellation 18 and the acquisition feature data 1 1 which 
were received through 1st network 2A. If the file search key corresponding to all the registration feature 
data IS prepared, the number of characters of a file search key will increase remarkably, and two or more 
registration feature data by one file search key will be taken out because management becomes less 
easy. Moreover, it is because the rest should just perform collating processing by the collating section 7 
if collating processing takes out the registration feature data to the grade made comparatively promptly 
[0026] <the effect of an example 3> - since the registration feature data file 1 5 is connected to 1 st 
network 2A in addition to the effect of an example 2, refer to this registration feature data file 1 5 for 
other clients connected to this 1st network 2A freely It becomes unnecessary therefore, to save the big 
registration feature data file at a client side. Of course, as for the registration feature data file 15, only 
the arbitrary numbers instead of one may be connected to 1st network 2A. By this, if even the collating 
section of the feature data is in a client side, it will connect with a network freely and extension of a 
system will be attained. Moreover, since the increase and decrease of change of the registration feature 
data file 15 can be performed easily, maintenance nature improves, and maintenance cost can be cut 
down. 

[0027] <Example 4> The sequence chart of an example 4 is shown in drawing 6 . By this example 4, 
when a server receives an access demand from a client, it supervises whether the client is actually 
performing collating processing of the feature data, and unjust processing is eliminated from the 
processing time etc. The system which applies this example 4 may be any system explained by drawing 

!_ , drawing 3 , drawing 5 , etc. 

[0028] In drawing 6 , a client 1 requires access from a server 3 at Step SI first. A server 3 performs the 
collating demand of the feature data to a client 1 corresponding to this at Step S2. A client 1 makes the 
collating preparations in Step S3. That is, for example in the system of drawing 1 , the feature data 
acquisition-5eGtioH4aGquiresthe4mage-of^-user^-eye,-and-generation-pro 

performed. Next, in Step S5, a preparation-completion report is performed to a server 3. On the other 
hand, a server 3 performs the surveillance by the timer, after performing the collating demand of the 
feature data to a client 1 at Step 82 (step S4). 

[0029] That is, after supervising the time from a collating demand to a preparation-completion report 
and performing suitable processing by the client 1 side, it judges whether the preparation-completion 
report S5 was accepted. Dealings are stopped noting that a certain injustice arises, when [ remarkable ] 
the time to a report is long, or in being unusually short. When injustice is detected, it progresses to Step 
S 10, and trading-halting processing etc. is performed. Furthermore, the server 3 which received the 
preparation-completion report at Step S5 performs collating start directions at Step S6. On the other 
hand, a client 1 performs collating processing in Step S7, and reports the notice of a result in step S9. A 
server 3 performs a timer supervision until it receives a notice by step S9 a result from the time of 
sending the collating start directions S6 to a client 1 also in this case (Step S8). 

[0030] Here, in consideration of the time for required collating processing, the remarkable case of being 
short, and the remarkable case of being long are judged to be unjust processing. Thus, it is 
distinguishable whether the actual feature data collating processing is performed or identification code is 
transmitted immediately, without performing this processing. 

[003 1 ] <Effect of an example 4> Since a server supervises the collating processing time including the 
collating preparation by the client etc. as mentioned above, unjust processing is eliminated and security 

15 raised. For example, if a preparation-completion report comes immediately or identification code 
comes to the short time which performs collating processing and which is not on the contrary using the 
feature data acquired unjustly beforehand, it can be judged as what was prepared unjustly. 

[0032] <Example 5> The system block view of an example 5 is shown in dravying 7 . The client 1 is 
connected to the server 3 also for this system through the network 2. Moreover, in this system, a camera 

16 IS connected to a client 1 and it has composition which acquires the image of a user's 9 eye 
Moreover, the registration feature data file 15 and the collating section 7 are formed in a server 3 side 
[0033] The system of the above-mentioned composition operates as follows. The operation flow chart of 
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* NOTICES * 

Japan Patent Office is not responsible for any 
damages caused by the use of this translation. 

1 .This document has been translated by computer. So the translation may not reflect the original 
precisely. ^ 

2.**** shows the word which can not be translated. 
3. In the drawings, any words are not translated. 

EFFECT OF THE INVENTION — - _ 

<the effect of an example 1> - according to this example - a client side - the feature data of the image 
ot an eye like iris data - using it -- him - in order to check, use of a third person is prevented and 
security is raised And the data which flow to a network do not pass personal information like the feature 
data or a personal identification number to a network only for the identification code 13 which is the 
demand and its response from a server 3. For this reason, the improper use by personal information leak 
can be prevented, and a user - as for him, by using the identification code which cannot be known risk 
of being stolen by others also decreases and identification code raises the security of a commercial' 
transaction 

[0019] <Example 2> The system block view of an example 2 is shown in drawing 3 . This system also 
has the composition that a client 1 performs a predetermined access demand to a server 3 through a 
network 2. The composition of the feature data acquisition section 4 connected to the client 1 the card 
input section 6, and collating section 7 grade is the same as that of an example 1. By this example 2 the 

-registration-feature-datafile-l-5-isnewly-curaie^ctedncnhrcoU^^^ 

search key 14 and the predetermined registration feature data 12 are matching ******(ed) bv the 
registration feature data file 15 

[0020] Moreover, this file search key 14 and identification code 13 are stored in a card 5. The collating 
section 7 searches the registration feature data file 15 using the file search key 14, and reads the 
corresponding registration feature data 12. And it is constituted so that collating processing with the 
acquisition feature data 1 1 inputted firom the registration feature data 12 and the feature data acquisition 
section 4 may be performed. Other composition is the same as that of an example 1. 
[0021] Operation of an example 2 is explained using drawing 4 . Drawing 4 is the system operation flow 
chart of an example 2. At Step SI of drawing, a server performs the collating demand of the feature data 
to the access demand fi-om a client like an example 1, and a client acquires the image of a user's eye at 
Step S2. Next, at Step S3, the file search key 14 is read fi-om the card 5 which the user 9 threw in By 
step S4, the collating section 7 reads the registration feature data 12 corresponding to the file search key 
14 with reference to the registration featiire data file 15. And in Step S5, collating processing with the 
acquisition featiire data 1 1 inputted from the featiire data acquisition section 4 is performed If judged as 
him as a result of tins collating, it will progress to Step S7 fi-om Step S6, and identification code 13 will 
be tiansmitted to a server 3. The following processings are the same as that of an example 1 and start 
the service whose server used identification code at Step S8. Processing is stopped if not judged as him 
(step S9). 

[Translation done.] 
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Japan Patent Office is not responsible for any 
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3. In the drawings, any words are not translated. 



TECHNICAL PROBLEM 

[Problem(s) to be Solved by the Invention] However, since the method of sanction like before is 
troublesome for a user, it lacks in the convenience of the dealings using the network. In order to solve 
such a pomt, encoding technology is studied widely. Perfect defense is not necessarily made [ as 
opposed to / a hacker / not necessarily / in this ]. 

[0004] On the other hand, the technology of checking him is developed using the feature data acquired 
from the image of an eye for for example, visitor management etc. (JP,5-84166,B). Here, the 
predetermined feature data which processed the iris data which are a part of image of an eye are 
obtained, and it judges whether you are him like a fingerprint etc. It is desirable to use this kind of 
technology for the security of the dealings in a network. 



[Translation done.] 
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MEANS 



[Means for Solving the Problem] this invention adopts the next composition in order to solve the above 
point. 

<Composition 1> In what a client and a server are mutually connected through a network and a server 
provides with predetermined service according to the demand of a client to a client side The feature data 
acquisition section which acquires the feature data from the image of a user's eye, The card input section 
which reads the registration feature data recorded on the card which the user threw in, and a user's 
identification code, The registration feature data which this card input section read, and the feature data 
of the image a user's eye which the feature data acquisition section acquired are collated. It has the 
collating section which checks that it is him. a user a cardholder - to a server side the identification 
code file which stored a regular user's identification code - having - a client side - the result of the 
above-mentioned collating processing - a user a cardholder, when it checks with him It is the network 
— securi^_^y^tem.whichidentificationxodeds-transmittedio.-a-sery^ 

a server starting service to a user with reference to an identification code file. 

[0006] <Composition 2> In what a client and a server are mutually connected through a network and a 
server provides with predetermined service according to the demand of a client to a client side The 
feature data acquisition section which acquires the feature data from the image of a user's eye, The card 
input section which reads the file search key recorded on the card which the user threw in, and a user's 
identification code, While reading a cardholder's registration feature data from the registration feature 
data file by the file search key which this card input section read It has the collating section which 
checks that it is him. the feature data of the image a user's eye which the above-mentioned feature data 
acquisition section acquired - collating ~ a user - a cardholder - to a server side the identification code 
file which stored a regular user's identification code - having - a client side ~ the result of the above- 
mentioned collating processing - a user -- a cardholder, when it checks with him It is the network 
security system which identification code is transmitted to a server from a client, and is characterized by 
a server starting service to a user with reference to an identification code file. 

[0007] <Composition 3> In what a client and a server are mutually connected through a network and a 
server provides with predetermined service according to the demand of a client to a client side The 
feature data acquisition section which acquires the feature data from the image of a user's eye, By the 
file search key which the card input section which reads the file search key recorded on the card which 
the user threw in, and a user's identification code, and this card input section read A cardholder's 
registration feature data are read from the registration feature data file connected through the network to 
the client. It has the collating section which checks that it is him. the feature data of the image a user's 
eye which the above-mentioned feature data acquisition section acquired - collating - a user - a 
cardholder - to a server side the identification code file which stored a regular user's identification code 
- having - a client side the result of the above-mentioned collating processing - a user ~ a 
cardholder, when it checks with him It is the network security system which identification code is 
transmitted to a server from a client, and is characterized by a server starting service to a user with 
reference to an identification code file. 
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DESCRIPTION OF DRAWINGS 



[Brief Description of the Drawings] 
[Drawing 1] It is the system block view of an example 1 . 
[Drawing 2] It is the system operation flow chart of an example 1 . 
[Drawing 3] It is the system block view of an example 2. 
[Drawing 4] It is the system operation flow chart of an example 2. 
[Drawing 5] It is the system block view of an example 3. 
[Drawing 6] It is the sequence chart of an example 4. 
[Drawing 7] It is the system block view of an example 5. 
[Drawing 8] It is the system operation flow chart of an example 5. 
[Drawing 9] It is the system block view of an example 6. 
[Drawing 10] It is the system operation flow chart of an example 6. 

POrawingJ^ 

[Drawing 12] It is the system operation flow chart of an example 7. 
[Description of Notations] 

1 Client 

2 Network 

3 Server 

4 The Feature Data Acquisition Section 

5 Card 

6 Card Input Section 

7 Collating Section 

8 Identification Code File 



[Translation done.] 
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DRAWINGS 



[Drawing 1] 
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[Drawing 2] 
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[Drawing 3] 
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[Drawing 5] 
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[Drawing 6] 




[Drawing 7] 
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[Drawing 12] 
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